From eddd55bc5dcfe36d8a56645d4b7e2e49429a933c Mon Sep 17 00:00:00 2001
From: Leonardo Bishop <me@leonardobishop.net>
Date: Fri, 16 Jan 2026 18:45:03 +0000
Subject: Cache /userinfo for a bit

---
 web/handler/auth.go | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

(limited to 'web/handler/auth.go')

diff --git a/web/handler/auth.go b/web/handler/auth.go
index 29bd47c..fcaaadf 100644
--- a/web/handler/auth.go
+++ b/web/handler/auth.go
@@ -5,6 +5,7 @@ import (
 	"html/template"
 	"log/slog"
 	"net/http"
+	"net/url"
 	"time"
 
 	"git.leonardobishop.net/instancer/pkg/auth"
@@ -13,12 +14,17 @@ import (
 
 func GetAuth(tmpl *template.Template, authProvider *auth.OIDCAuthProvider) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Add("HX-Redirect", "/auth")
+		errMessage := r.URL.Query().Get("error")
+		if errMessage != "" {
+			w.Header().Add("HX-Redirect", "/auth?error="+url.QueryEscape(errMessage))
+		} else {
+			w.Header().Add("HX-Redirect", "/auth")
+		}
 		tmpl.ExecuteTemplate(w, "auth.html", struct {
 			Error       string
 			OidcIdPName string
 		}{
-			Error:       "",
+			Error:       errMessage,
 			OidcIdPName: authProvider.Name,
 		})
 	}
@@ -156,7 +162,6 @@ func GetAuthCallback(tmpl *template.Template, session *session.MemoryStore, auth
 func GetLogout(session *session.MemoryStore) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		//TODO expire session here
-
 		http.SetCookie(w, &http.Cookie{
 			Name:    "instancer-session",
 			Value:   "",
-- 
cgit v1.2.3-70-g09d2